IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: applying AES-GCM to secure shell: proposed "tweak"



> A post-KEX OPTION packet could work* [...]

> * except that it won't - OpenSSH just had to switch off a few channel
> and global extensions for all but other OpenSSH peers because some
> other implementations will disconnect as soon as they see an
> extension message that they do not recognise.

OpenSSH didn't _have_ to.  It _chose_ to.  Broken implementations are
broken; if they can't be bothered to correctly respond to well-defined
and conformant protocol they don't happen to implement, that's their
problem.  If OpenSSH really wants to bend over backwards to avoid
showing up bugs in buggy implementations, surely the right way to do it
is by detecting the buggy ones and working around them, rather than
assuming everyone but themselves is buggy.

If I create and release an implementation that ungracefully disconnects
when offered anything but 3des-cbc as a cipher, will they then stop
offering everything else unless talking to themselves?  One that
crashes when offered a username containing a 'q', will they then reject
attempts to use such usernames?  They're basically the same thing, just
a little (first one) or a lot (second one) more extreme.  You can't
paper over everyone else's bugs, and trying only encourages the bugs to
persist.

> So we really are quite constrained in how we can practically extend
> the protocol.

Only if you really do believe in breaking interoperability with
non-broken implementations for the sake of interoperability with broken
implementations.  I don't.

I ran into an implementation apparently too broken to handle some one
of the extensions moussh uses (I don't know which extension - it was
the embedded ssh server on a switch, and the tradeoffs were wrong for
trying to probe the envelope of the bug).  But what I did was to
suppress all use of DNS-based extension names when given a command-line
flag saying to do so, not to do so by default!

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B



Home | Main Index | Thread Index | Old Index